Modernizing Authentication — What It Takes to Transform Secure Access
Not everyone thinks the power of positive thinking is a prudent path to self improvement, but Akamai Chief Security Office Andy Ellis believes it can have a positive impact on IT security.
Ellis presented on the topic of cognitive injection at the recent RSA conference and, in a video interview with eSecurityPlanet, explained what cognitive injection is all about and how Akamai is using it today.
"We live in a world that is a fantasy," Ellis said, pointing out that what our brains process is only a subset of what actually goes on around us. Often what we attribute to malice or incompetence is just a function of not understanding the world in which a decision or a person is operating, he said.
Cognitive injection is a method to get IT security people to empathize with their business partners so they can understand how decisions are made. The overall goal is to be able to "inject" ideas into the human brain so that decisions are made that will lead to a more favorable outcome.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The idea of cognitive injection isn't just theory at Akamai; it's is also used in practice.
"We have an adversarial resilience team at Akamai whose job is to model the adversary for people within Akamai," Ellis said. "To do that, you can't be an adversary, you have to come across as somebody that has their best interests at heart and is really their friend."
Ellis noted that many traditional security teams will come into an environment with a superiority complex and tell people they can break security in 30 seconds. That type of attitude is not the way to bring about change, according to Ellis.
"The way to effect change is by building allies inside your organization," Ellis said.
Watch the full video interview with Andy Ellis below:
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.